Privacy Policy for Pomodoro

Last updated: March 1, 2026

At Pomodoro ("we", "our", "us"), we respect your privacy. This Privacy Policy explains what data we process, why we process it, how long we keep it, who we share it with, and what controls and rights you have.

Important note about anonymous data: Some third-party SDKs (such as Firebase Analytics and Firebase Crashlytics) may process technical identifiers (for example, app instance identifiers and device information) to provide their services. Even if we do not collect your name or email, such data may still be considered personal data under some laws.

1. Data Controller

• App: Pomodoro
• Availability: Google Play and Apple App Store
• Developer / Company: JuJoDevs
• Contact (privacy): privacy@jujodevs.com
• Website / Policy URL: pomodoro.jujodevs.com/privacy-policy
• Country / Region: Spain

2. Data We Process

2.1 Data stored locally on your device (no account required)

To run the app, we store data locally on your device, such as timer settings, internal notification state, onboarding state, and timer usage statistics.

Storage technologies: Android DataStore and Room database.

Where processed: On your device.

2.2 Analytics (optional, based on your consent)

During onboarding (first launch), we ask whether you want to enable "Help improve the app." If enabled, we may send usage events to Firebase Analytics (Google), such as:

• timer phase started/completed,
• completed cycles,
• session paused/reset/stopped,
• phase duration.

Default setting: Analytics is disabled by default.

Control: You can enable or disable analytics in Settings at any time.

Firebase Analytics may process technical information and identifiers (for example app instance identifier, device and OS info, approximate network data) to provide analytics functionality.

We do not intentionally send your name, email address, or contact information to Analytics. We do not use Firebase for ads personalization or remarketing features.

2.3 Crash reporting (Firebase Crashlytics)

We use Firebase Crashlytics (Google) to detect issues and improve app stability. Crashlytics may collect technical data, such as app version, OS version, device model, time of crash, and stack traces.

We do not intentionally send your name, email address, or contact information to Crashlytics.

2.4 Data shared by you (Share progress)

If you use "Share progress", the app generates a summary text and shares it only through the app you choose (for example messaging or email apps). We do not receive the content you share.

2.5 Information we do not collect

• Location data
• Camera or microphone data
• Contacts, SMS, or call logs
• Payment information
• Sensitive categories of data (unless explicitly shared by you via other apps)

3. Permissions Used

Pomodoro may request:

• Notifications (to show timer reminders)
• Exact alarms (to improve timer and alert reliability)
• Foreground service (to run timing reliably while active)
• Boot completed (to restore alarms after device restart, if enabled)
• Internet / network state (only for Firebase services, if used)

We do not request location, camera, microphone, contacts, or SMS permissions.

4. Purposes of Processing

• Run and maintain timer and notifications
• Display your statistics in the app
• Improve performance, stability, and user experience
• Diagnose and fix technical issues
• Understand feature usage (only if you consent to analytics)

5. Legal Basis (where applicable)

• Performance of a contract/service for core timer functionality and local storage
• Consent for optional analytics ("Help improve the app")
• Legitimate interests (where permitted) for security/stability diagnostics

If you withdraw consent for analytics, we stop sending analytics events going forward.

6. Third-Party Services and Data Sharing

6.2 SDK providers

We only share data with providers needed for analytics and crash reporting:

• Google Firebase Analytics
• Google Firebase Crashlytics

We do not sell your personal data.

These providers typically act as processors/service providers and may process data under their own terms as well.

7. Data Retention

7.1 Local data (on-device)

• Local usage statistics: up to 365 days (older entries are automatically deleted)
• Local settings: until you clear app data or uninstall the app

7.2 Firebase data (if enabled/used)

Retention depends on Google/Firebase default policies and our Firebase configuration. We aim to keep retention no longer than necessary.

8. International Data Transfers

Third-party providers (such as Google Firebase) may process data on servers located outside your country. Where required by law, transfers may rely on legal safeguards such as Standard Contractual Clauses or other approved mechanisms.

9. Security

We use reasonable administrative, technical, and organizational measures designed to protect data, including encrypted transmission (HTTPS/TLS), access restrictions to development systems, and keeping dependencies updated where practical.

No method of transmission or storage is 100% secure, but we work to protect your data.

10. Your Controls and Rights

10.1 In-app controls

• Enable/disable analytics at any time in Settings
• Revoke system permissions in Android settings
• Remove local data by clearing app storage or uninstalling the app

10.2 Privacy rights (EEA/UK and similar jurisdictions)

Depending on your jurisdiction, you may have the right to:

• request access to your personal data,
• request correction,
• request deletion,
• object to processing or request restriction,
• request data portability (where applicable),
• withdraw consent for analytics at any time,
• lodge a complaint with your local data protection authority.

Because Pomodoro stores most data locally on your device and does not require an account, we may be limited in our ability to identify or retrieve data associated with you on our servers.

Contact for privacy requests: privacy@jujodevs.com

Supervisory authority (optional): If you are in Spain, you can contact the Spanish Data Protection Agency (AEPD). If you are in the EEA/UK, you may contact your local authority.

11. Children's Privacy

Pomodoro is not directed to children. We do not knowingly collect personal data from children. If you believe a child has provided personal data, contact us at privacy@jujodevs.com.

12. Changes to This Policy

We may update this Privacy Policy from time to time. The current version will be published at pomodoro.jujodevs.com/privacy-policy with an updated "Last updated" date.

13. Third-Party Policies

• Google Privacy Policy
• Firebase Privacy and Security

14. Contact

For questions about this Privacy Policy, contact: privacy@jujodevs.com